[803] in WWW Security List Archive
Re: SSL, X509 Certificates and EuroSign
daemon@ATHENA.MIT.EDU (Jeff Treuhaft)
Wed Aug 2 22:20:46 1995
Date: Wed, 2 Aug 1995 15:28:32 -0800
To: mjmarkowitz@attmail.com (Michael Markowitz), www-security@ns2.rutgers.edu
From: jeff@netscape.com (Jeff Treuhaft)
Cc: lemorton@attmail.com (Leven E Morton),
rschlafly@attmail.com (Roger Schlafly)
Errors-To: owner-www-security@ns2.rutgers.edu
At 5:50 AM 8/2/95, Michael Markowitz wrote:
>
>I'm curious to know, in particular, whether Nortel code can be used with
>Netscape/VeriSign certificates (according to the VeriSign license agreement=
).
>Also, how quickly will Netscape accept alternate CA certificates for use wi=
th
>their licensed RSADSI code?
Not sure about the Nortel product. Someone needs to send me more info,
please. The original idea of only hardcoding CA's certs in the Navigator
was known to have problems and was also known to be temporary. Netscape
Navigator will be able to trust alternate CA certificates in its next
release. It will also support Client Keys, Certificates and Client
Authentication as described in the SSL protocol.
>
>I guess all of these questions go the heart of SSL & S/MIME. Are these tru=
ly
>open standards? Or is there really only one vendor wearing multiple
>disguises?
SSL as a protocol is not subject to any specific CA or certificate
infrastructure. There is also a new version of the SSL spec that was
prepared before the Stockholm IETF with some additions of interest. See:
gopher://ds.internic.net:70/00/internet-drafts/draft-hickman-netscape-ssl-01
.txt
regards,
jeff
----
jeff@netscape.com =80 Netscape Communications
tel: 415-528-2617 =80 501 East Middlefield Rd.
fax: 415-528-4120 =80 Mountain View, CA 94043
